So, this is a tricky situation. Apple TV is setup to connect to a 802.1x network, but can't connect to it without a valid certificate. The certificate cannot be validated without a correct time (via NTP). It cannot connect to ntp without a valid network connection. And it can't connect to the 802.1x network without a valid certificate!
Talk about Catch-22!
Is there a way to setup an SSID for Apple TV's only to connect to. Have this SSID have a pre-authenticated vlan setup and then authenticate via 802.1x after a valid certificate is established (via a time set on the Apple TV from NTP?